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DETAILED ACTION 

Claims 1-26 are pending. Any objections or rejections not repeated for record 
below or specifically addressed are withdrawn due to applicant's arguments and/or 
amendments. Any well known art statements not specifically traversed by applicant in 
the previous office action(s) are taken as admittance of prior art as per MPEP 2144.03. 

Response to Amendment and Arguments 

Applicant's amendments and arguments have been considered, but are moot in 
view of new grounds of rejections presented below in response to the amendments. 

Applicant first noted in arguments submitted that during a telephone conference 
on 1/27/2006 that 101 rejections were discussed. The examiner recalls stating that the 
Office had recently published new 101 interim guidelines for examiners to follow (in 
October 2005) after the non-final office action had already been sent to applicant. The 
examiner/stated that the new guidelines might render the some of the 101 rejections 
moot and the examiner would have to review the rejections in light of the new interim 
guidelines, which set forth the latest Office policies for determining whether a claim 
should be rejected under 35 (JSC 101, to make a decision of whether or not to withdraw 
the 101 rejections. 

Applicant believes the 101 rejections of claims 1-19 and 24-27 are improper. 
Reviewing the claims once more in light of the newest Office policies, the examiner 
agrees that the 101 rejections to claims 1-17 should be withdrawn since claim 1 is a 
method claim directed towards the practical application of securing information. The 
steps recited in claim 1 yields a concrete, useful, tangible result, i.e. secured 
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information— encrypted information and encrypted secret key being securely 
transmitted. According to the newest Office policies for 101, a method being directed 
towards a practical application and yielding a concrete, useful, and tangible result, 
which is either explicitly recited in the claim or flows inherently from the steps of the 
method would make the method claim statutory. Claims 2-14 depends from claim 1 and 
are also statutory for the same reasons. Claim 15 is also a method claim and is 
directed towards the practical application of securing information. Like claim 1 , the 
steps of claim 15 also yield a concrete, useful, and tangible result, i.e. encrypted 
information and encrypted secret key being securely transmitted. Thus, claim 15 and its 
dependent claims (claims 16-17) are also statutory. The 101 rejections for claims 1-17 
from the previous office action are withdrawn for the reasons given in this paragraph. 

As per claim 18, the previous office action rejected the claim under 35 USC 101 
for being directed towards software per se, i.e. the network element of claim 18 
comprised means which appeared to be all software means. Reviewing the claim once 
more based on what is disclosed in the 101 interim guideline and based on what is 
disclosed in applicant's specification, the examiner believes that the 101 rejection for 
claim 18 should be maintained because system or apparatus claims directed towards 
software per se are still considered non-statutory. The means recited in claim 19 also 
appears to be software means based on what is disclosed in applicant's specification. 
The examiner notes that if at least one hardware or means that is disclosed in the 
specification as being hardware (without a purely software alternative) were to be 
recited in claim 18, then claims 18 and 19 would be statutory. 
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Claims 24-27 are directed towards a secure communication system and were 
rejected as being directed in the previous office action as being directed to software per 
se. The examiner believes that the 101 rejections for claims 24-27 should be 
maintained because software per se is still not statutory according the latest Office 
policies. Applicant should recite at least one hardware component as being part of the 
secure communication system of claim 24 to overcome the 101 rejections. 

Applicant argues that the 112, second paragraph rejections made in the previous 
office action were not necessarily correct and that claims must be read in light of the 
specification and are interpreted in view of ordinary skill in the art. The examiner agrees 
that claims are read in light of what is disclosed in the specification and that they are 
interpreted in view of ordinary skill in the art. However, to summarize the decisions of 
the courts, "the name of the game is the claim", see In re Hiniker Co., 150 F.3d 1362, 
1369, 47 USPQ2d 1523, 1529 (Fed. Cir. 1998). If the claims as recited are indefinite, 
then rejection of the claims for failing to particularly point out what applicant considers to 
be his/her invention is proper. 

As per claim 1, applicant argues the art rejection of claim 1 as being anticipated 
by Perlman. Applicant argues that Perlman does not discloses receiving encrypted 
information from a sender for transmission to at least one intended recipient and 
receiving an encrypted secret key encrypted using a public key associated with a 
secure distribution server. The examiner notes that this limitation was amended by 
applicant and was not what was originally recited in claim 1 . Whether or not Perlman 
discloses this limitation when Perlman originally was used to reject original claim 1 is 
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moot since that was not the limitation that Perlman was used to reject and the scope of 
the claim has changed due to applicant's amendment. 

Further, the examiner respectfully disagrees with applicant that Perlman does not 
disclose the limitation. First, note that the examiner interprets the secure distribution 
server recited in claim 1 as being the DLE and group server 1 14 of Perlman's invention. 
One can even interpret that the secure distribution server can also include certificate 
server 1 1 6. Note that a search of the prior art shows that at the time applicant's 
invention was made, in the art of computing, the term "server" can refer to either a 
single computer or multiple computers. This is evidenced by Jevans (US 6,912,656), 
see col 2, lines 49-51 . The examiner submits that the broadest, reasonable 
interpretation of a server is anything, whether it is a singular item or a group of items, 
which process requests from clients. Perlman himself implicitly states that the functions 
of the DLE and group server can be combined into just the DLE, i.e. the DLE and group 
server can be one unit in his invention. In column 5, lines 10-15 and 34-37, Perlman 
discloses DLE receiving encrypted information 204 and an encrypted secret key 210 
from a sender for transmission to at least one intended recipient. Encrypted secret key 
210 was encrypted with group public key 107. In column 6, lines 47-65 and column 7, 
lines 41-59, Perlman discloses group server 1 14 utilizing a group private key 302 to 
decrypt the encrypted secret key 210 to get back the message key 204. This message 
key 204 was then encrypted with the public key of the recipient(s) 106 to result in an 
encrypted message key 308, which is sent to the recipient. These items read on the 
limitation being argued by applicant. Fig 3 shows that group private key 302 belongs to 
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and is associated with group server 1 14, thus the public key 107 is associated with the 
secure distribution server, which comprises the DLE and the group server 1 14 (and the 
certificate server 116), since public key 107 and private key 302 are a public/private key 
pair. 

Claim Rejections - 35 USC § 101 

35 U.S.C. 101 reads as follows: 

Whoever invents or discovers any new and useful process, machine, manufacture, or composition of 
matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the 
conditions and requirements of this title. 

Claims 18-19 and 24-27 are rejected under 35 U.S.C. 101 because the claimed 
invention is directed to non-statutory subject matter. 
Claim 18: 

Claim 18 refers to a software network element comprising software means. Note 
that on page 7-8 of the specification, applicant defined a network element such that it 
"may be an intranet" or it "may be implemented as a server suitably coupled to one or 
more wide are networks...." However, this language does not exclude the network 
element being software alone. Software by itself is non-statutory. 
Claim 19: 

Claim 19 merely further defines the software network element of claim 18. 
Nothing statutory was recited. 
Claim 24: 

Claim 24 recites a secure communication system which can be implemented in 
software alone as the limitations it comprises all read on software elements. 
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Claims 25-27: 

Claims 25-27 merely further define the software communication system of claim 
24. Nothing statutory was recited. 

Claim Rejections -35 USC §102 

The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that 
form the basis for the rejections under this section made in this Office action: 
A person shall be entitled to a patent unless - 

(e) the invention was described in (1) an application for patent, published under section 122(b), by 
another filed in the United States before the invention by the applicant for patent or (2) a patent 
granted on an application for patent by another filed in the United States before the invention by the 
applicant for patent, except that an international application filed under the treaty defined in section 
351(a) shall have the effects for purposes of this subsection of an application filed in the United States 
only if the international application designated the United States and was published under Article 21(2) 
of such treaty in the English language. 

Claims 1, 3-8, 10, 15, 17-20, 22-24, and 26 are rejected under 35 U.S.C. 102(e) 
as being anticipated by Perlman et al (US 6,912,656). 
Claim 1: 

Perlman discloses the limitations of: 

1 . Receiving encrypted information from a sender for transmission to at least one 
intended recipient and receiving an encrypted secret key encrypted using a 
public key associated with a secure distribution server (Fig 4A-4C; col 5, lines 10- 
15 and 34-37; col 6, lines 47-65; and col 7, lines 41-59). 

2. Decrypting the encrypted secret key to produce a decrypted secret key (Fig 4A- 
4C and col 7, lines 41-59). 
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3. Obtaining a corresponding public key of the at least one intended recipient using 
a corresponding public key to produce at least one recipient specific secure 
secret key (Fig 4A-4C and col 7, lines 41-59). 

4. Forwarding the encrypted information sent by the sender and at least one 
recipient specific secure secret key for the at least one intended recipient (Fig 
4A-4C; col 5, lines 23-37; and col 7, lines 51-59). 

Claim 3: 

Perlman further discloses wherein the step of encrypting the decrypted secret 
key with a corresponding public key of the at least one intended recipient includes 
encrypting a copy of the decrypted secret key for each intended recipient with a 
corresponding recipient public key (Fig 4A-4C). Note the group public'key corresponds 
to each recipient and the private key held by each recipient. 
Claim 4: 

Perlman further discloses encrypting information with the secret key to produce 
the encrypted information, encrypting the secret key with a public key associated with 
the secure distribution server to produce the encrypted secret key, and sending the 
encrypted information and the encrypted secret key to the secure distribution server (Fig 
4A-4C; col 5, lines 10-15 and 34-37; col 6, lines 47-65; and col 7, lines 41-59). 
Claim 5: 

Perlman further implicitly discloses wherein encrypting the secret key includes 
encrypting the secret key using a public key for each of a plurality of secure distribution 



Application/Control Number: 1 0/092,277 Page 9 

Art Unit: 2135 

servers to produce a plurality of secure distribution server specific encrypted secret 
keys (Fig 4A-4C and col 4, lines 47-51). 
Claim 6: 

The limitation of storing the encrypted information in an encrypted form locally on 
a device that performed the step of encrypting information with the secret key is 
inherent to Perlman's invention. To be able to encrypt and then forward the encrypted 
information to the secure distribution server, the device which performed the encryption 
process must store the encrypted information locally in memory before being able to 
send the encrypted information. 
Claim 7: 

Perlman further discloses the step of encrypting the secret key, by a sending 
device, with a public key associated with at least one of a user of the sending device 
and the sending device (Fig 4A-4C). Note that the DLE and group server are also 
sending devices. The recipients are users of the DLE and group server. 
Claim 8: 

Perlman further discloses the step of digitally signing the information using a 
private signing key associated with at least one of a user of a sending device and the 
sending device (col 4, lines 52-64 and col 5, Jines 58-67). 
Claim 10: 

Perlman further discloses the step of determining, by the secure distribution 
server, if the encrypted information needs to be sent to other entities, if so, encrypting 
the decrypted secret key using a public key associated with each of the additional 



Application/Control Number: 10/092,277 Page 10 

Art Unit: 2135 

entities (Fig 4A-4C; col 5, lines 10-15 and 34-37; col 6, lines 47-65; and col 7, lines 41- 
59). Note the other entities read on the additional recipients in the distribution list. 
Claim 15: 

Perlman discloses the limitations of: 

1 . Receiving, by a secure distribution server, encrypted information from a sender 
for transmission to a plurality of recipients and an encrypted secret key encrypted 
using a public key associated with a secure distribution server (Fig 4A-4C; col 5, 
lines 10-15 and 34-37; col 6, lines 47-65; and col 7, lines 41-59). 

2. Decrypting, by the secure distribution server, the encrypted secret key to produce 
a decrypted secret key (Fig 4A-4C and col 7, lines 41-59). 

3. Obtaining, by the secure distribution server, a corresponding public key of the at 
least one intended recipient using a corresponding public key to produce at least 
one recipient specific secure secret key (Fig 4A-4C and col 7, lines 41-59). 

4. Forwarding, by the secure distribution server, the encrypted information sent by 
the sender and at least one recipient specific secure secret key for the at least 
one intended recipient (Fig 4A-4C; col 5, lines 23-37; and col 7, lines 51-59). 

Claim 17: 

Claim 17 recites a limitation substantially similar to what is recited in claim 3 and 
is rejected for the same reasons. 
Claim 18: 
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Claim 18 is directed towards a network work element comprising means for 
implementing the method of claim 1. Claim 18 is rejected for similar reasons given in 
claim 1. 
Claim 19: 

Claim 19 recites a limitation substantially similar to what is recited in claim 12 and 
is rejected for the same reasons given for claim 12 below. 
Claim 20: 

Claim 20 is directed towards a storage medium comprising memory containing 
executable instructions that when read by one or more processing devices, causes the 
one or more processing devices to implement the method of claim 1 . Note that because 
Perlman's invention is computer implemented, a memory containing executable 
instructions that when read by one or more processing devices, cause the one or more 
processing devices to perform the method of claim 1 is inherent to Perlman's invention. 
Claim 20 is rejected for the same reasons given in claim 1. 
Claim 22: 

Perlman further inherently discloses memory containing executable instructions 
that when read by the one or more processing devices causes the one or more 
processing devices to encrypt a copy of the decrypted secret key for each intended 
recipient with a corresponding recipient public key (Fig 4A-4C). 
Claim 23: 

Perlman further inherently discloses memory containing executable instructions 
that when read by the one or more processing devices causes the one or more 
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processing devices to determine if the encrypted information needs to be sent to other 
entities, if so, encrypting the decrypted secret key using a public key associated with 
each of the additional entities (Fig 4A-4C). 
Claim 24: 

Perlman discloses the limitations of: 

1 . At least one sender that encrypts information with a secret key to produce encrypted 
information, encrypts the secret key with a public key associated with a network 
element to produce an encrypted secret key, and during an online session, sends 
the encrypted information and the encrypted secret key to the network elements (Fig 
1, item 104 and 4A-4C). 

2. At least one intended recipient (Fig 1 ,. items 106 and 108). 

3. At least one network element, operatively coupled to the sender and to the at least 
one intended recipient (Fig 1, items 110, 116, and 114), including means as recited 
in claim 18. 

The means of the at least one network element recited in claim 24 are rejected 
for the same reasons given in claim 18. 
Claim 26: 

Claim 26 recites the means for performing the limitation of the method recited in 
claim 12 and is rejected for the same reasons given in claim 12 below. 
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Claim Rejections - 35 USC § 103 

The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such .that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

Claims 2, 9, 12-13, 16, 21, and 25-26 are rejected under 35 U.S.C. 103(a) as 

being unpatentable over Perlman et al (US 6,912,656). 

Claim 2: 

Perlman further discloses determining a plurality of intended recipients and 
retrieving a corresponding public key of the plurality of intended recipients for encrypting 
the decrypted secret key (Fig 4A-4C and col 2, lines 22-31). 

Note that in Perlman's invention, each of the recipients share one group public 
key, while holding their own copy of the private key corresponding to that public key. 
Perlman does not explicitly disclose that each of the plurality of intended recipients have 
corresponding public keys. However, Perlman's invention still reads on the limitation 
recited in claim 2 because each of the recipient has a copy of the private key, so in that 
manner each recipient's privately held private key forms a public/private key pair with 
the public key that was used to encrypt the secret key for secure transmission to the 
recipients. The limitation as recited in claim 2 does not deviate from the spirit of 
Perlman's invention. * 

Further, the examiner notes that recipients with their own public/private key pair 
were well known at the time the applicant's invention was made. It would have been 



Application/Control Number: 10/092,277 Page 14 

Art Unit: 2135 

obvious to one of ordinary skill in the art at the time applicant's invention was made to 
have replaced the group public key in Perlman's invention with a public key from each 
recipient's public/private key pair and used each recipient's public key to encrypt a copy 
of the message secret key for secure transmission to each recipient. One of ordinary 
skill would have been motivated to do so as this would allow the secret key to be sent 
securely to each recipient without having to place each recipient in a group list first. 
Claim 9: 

Perlman does not disclose the step of receiving the encrypted information and 
the encrypted secret key and forwarding the encrypted information and the encrypted 
secret key to the secure distribution server without decrypting the encrypted secret key. 
However, this limitation reads on forwarding/routing packets by nodes in a network, 
which was well known and commonly used in networks at the time applicant's invention 
was made. It would have been obvious to one of ordinary skill in the art to have 
modified Perlman's invention according to the limitations recited in claim 9. One of 
ordinary skill would have been motivated to do so as direct connections between a 
sender and receiver in a network are rare and packets often have to be received and 
forwarded by other nodes in the network before the packets get to the final destination 
node. 
Claim 12: 

Perlman further discloses wherein retrieving the corresponding public keys of the 
plurality of intended recipients for encrypting the decrypted secret key includes 
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obtaining the corresponding public keys from at least one of: a certificate retrieval and 
validation service, an LDAP lookup and a certificate directory lookup (col 7, lines 13-28). 
Claim 13: 

Perlman discloses the steps of: encrypting information with a secret key to 
produce the encrypted information, encrypting the secret key with a public key 
associated with the secure distribution server to produce the encrypted secret key, and 
during an online session, sending the encrypted information and the encrypted secret 
key to the secure distribution server (Fig 4A-4C). 

Perlman does not explicitly disclose the encryption of the information and secret 
key are done offline. However, the examiner submits that encrypting information and a 
secret key offline is well known in the art. For example, it is well known that a user can 
prepare an email message for sending on a laptop when the laptop does not have a 
network connection, i.e. if the user was on a plane for a business trip. The message is 
usually prepared to a state where the only thing needed to be able to send the email is 
a network connection. Later, when the laptop is .connected to a network, the message 
can then be sent. It would have been obvious to have the encryption of the message 
and key done offline prior to connecting to a network as the encryption process might 
take a long time and connection charges on the road can be expensive. 

In light of the above, it would have been obvious to one of ordinary skill in the art 
at the time the applicant's invention was made to have modified Perlman's invention 
according to the limitations recited in claim 13. One of ordinary skill would have been 
motivated to do so as it is common practice to be able to prepare messages offline 
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during business trips and one of ordinary skill would have been motivated to encrypt the 
message and key offline prior to sending when a computer is online as it would reduce 
the amount of time the computer has to be connected to a network; this would reduce 
connection fees where the user is charged by the minute. 
Claim 16: 

Claim 16 recites a limitation substantially similar to what is recited in claim 2 and 
is rejected for the same reasons. 
Claim 21: 

Claim 21 recites a limitation substantially similar to what was recited in claim 2 
and is rejected for the same reasons. 
Claim 25: 

Claim 25 recites a limitation substantially similar to what is recited in claim 13 and 
is rejected for the same reasons. 



Claims 1 1 and 27 are rejected under 35 U.S. C. 103(a) as being unpatentable 
over Perlman et al (US 6,912,656) in view of Chen et al (US 5,832,208). 
Claim 11: 

Perlman discloses the steps of: encrypting the decrypted secret key using a 
public key and sending the encrypted information and the encrypted secret key. 
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Perlman does not disclose the public key is associated with a content scanning 
device; the sending is to the content scanning device; receiving a result back from the 
content scanning device, forwarding the encrypted information based on the result sent 
by the content scanning device and based on at least one recipient specific secure 
secret key for at least one intended recipient. 

However, Chen discloses a virus scanner, i.e. content scanning device, being- 
implemented on a server (col 5, lines 53-60). Chen discloses that emails sent to the 
server are scanned for viruses, an alert is generated if a virus is detected/and if 
possible, the virus is removed from the email attachment (col 5, lines 25-27 and col 7, 
lines 57-60). 

In light of Chen's teachings, it would have been obvious to one of ordinary skill in 
the art to have combined Perlman and Chen's teachings according to the limitations 
recited in claim 11. One of ordinary skill would have been motivated to do so as 
scanning messages for viruses and removing the virus from email messages would 
prevent the spread of viruses to recipients of the email messages, which would 
compromise the recipient's system and any network they are attached to. 
Claim 27: 

Claim 27 recites a network element which performs the limitations of the method 
recited in claim 1 1 and is rejected for the same reasons given in claim 1 1 . 
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Claim 14 is rejected under 35 U.S.C. 103(a) as being unpatentable over Perlman 
et al (US 6,912,656) in view of Bouchard et al (US 2002/0091928). 
Claim 14: 

Perlman does not disclose sending the encrypted information to a time stamper 
and receiving a time stamped result prior to forwarding the encrypted information and 
the at least one recipient specific secure secret key to the at least one corresponding 
intended recipient. 

However, Bouchard discloses time stamping a message by a time stamper prior 
to forwarding the message to a recipient (p3, paragraph 31, lines 11-15 and Fig 2). In 
light of Bouchard's teachings it would have been obvious to one of ordinary skill in the 
art at the time the applicant's invention was made to have modified Perlman's invention 
according to the limitations recited in claim 14. One of ordinary skill would have been 
motivated to do so as Bouchard discloses that applying a time stamp to a message 
allow for an audit log of the message, which is useful in preventing the repudiation of 
digitally-signed documents/messages (p3, paragraph 28). 

Conclusion 

Applicant's amendment necessitated the new ground(s) of rejection presented in 
this Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP 
§ 706.07(a). Applicant is reminded of the extension of time policy as set forth in 37 
CFR 1.136(a). 
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A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within 
TWO MONTHS of the mailing date of this final action and the advisory action is not 
mailed until after the end of the THREE-MONTH shortened statutory period, then the 
shortened statutory period will expire on the date the advisory action is mailed, and any 
"extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of 
the advisory action. In no event, however, will the statutory period for reply expire later 
than SIX MONTHS from the date of this final action. 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Ponnoreay Pich whose telephone number is 571-272- 
7962. The examiner can normally be reached on 9:00am-4:30pm Mon-Fri. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Kim Vu can be reached on 571-272-3859. The fax phone number for the 
organization where this application or proceeding is assigned is 571-273-8300. 

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). 
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